Responsibilities:
- Plan and lead engagements with independent assessors to earn security and privacy certifications and attestations important to Anthropic customers and enterprise partnerships, and to meet regulatory obligations.
- Understand how Anthropic's security and privacy capabilities across major cloud platforms implement common frameworks (e.g., NIST 800-53, NIST 800-171, ISO 27001, ISO 27701, CSA CCM, and SOC 2)
- Build scalable audit management processes and documentation systems that will support future expansion to additional geographies and compliance frameworks
- Write, update and enact policies capturing security, privacy, and AI safety requirements.
- Maintain and enhance Anthropic's system of security controls through audit readiness, recordkeeping, and cross-functional communication
You may be a good fit if you:
- Have 8+ years of progressive experience in audit and compliance roles, with direct ownership of certification/attestation projects
- Have worked in cloud-native environments and understand security and privacy considerations for multi-cloud architectures
- Can translate complex compliance requirements into actionable workstreams for technical and non-technical stakeholders
- Have built common controls frameworks or GRC systems that scaled with organizational growth
- Write clear and useful security and privacy documentation for both external and internal audiences.
- Thrive in ambiguous, fast-paced environments where you'll need to build processes from scratch
- Are comfortable organizing time-bounded task management of delegated work streams across a diverse organization
- Are energized by being the subject matter expert who educates the organization on new compliance requirements
Strong candidates may also:
- Have worked in AI/ML companies and understand unique security considerations for model development and deployment
- Bring experience from high-growth technology companies managing rapid compliance expansion
- Have some experience implementing automated enforcement of security controls (i.e., compliance as code)
- Possess relevant certifications (CISA, CRISC, CISM, CISSP, or ISO 27001 Lead Auditor/Implementer)
Candidates need not have:
- Done everything on this list before—we value learning agility and willingness to tackle novel compliance challenges in the AI space
Deadline to apply: None. Applications will be reviewed on a rolling basis.
The annual compensation range for this role is below. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. Our total compensation package for full-time employees includes equity and benefits.
Annual Salary:
$270,000 - $345,000 USD
Logistics
Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience.
Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.
We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.